Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1986506 (CVE-2021-37576) - CVE-2021-37576 kernel: powerpc: KVM guest OS users can cause host OS memory corruption
Summary: CVE-2021-37576 kernel: powerpc: KVM guest OS users can cause host OS memory c...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-37576
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1986507 1988212 1988214 1988215 1988216 1988217 1988218 1988219 1988220 1988221 1988222 1988223 1988224 1988225 1988226 1988227 1988228 1988229 1988230
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-07-27 17:38 UTC by Guilherme de Almeida Suckevicz
Modified: 2022-04-17 21:31 UTC (History)
53 users (show)

Fixed In Version: kernel 5.14-4rc3
Clone Of:
Environment:
Last Closed: 2021-09-07 14:33:23 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2021:3847 0 None None None 2021-10-13 14:32:47 UTC
Red Hat Product Errata RHBA-2021:3862 0 None None None 2021-10-14 13:47:43 UTC
Red Hat Product Errata RHBA-2021:3867 0 None None None 2021-10-14 14:14:49 UTC
Red Hat Product Errata RHBA-2021:3898 0 None None None 2021-10-19 01:16:14 UTC
Red Hat Product Errata RHBA-2021:3911 0 None None None 2021-10-19 09:11:16 UTC
Red Hat Product Errata RHSA-2021:3436 0 None None None 2021-09-07 09:56:02 UTC
Red Hat Product Errata RHSA-2021:3442 0 None None None 2021-09-07 14:56:40 UTC
Red Hat Product Errata RHSA-2021:3443 0 None None None 2021-09-07 15:07:05 UTC
Red Hat Product Errata RHSA-2021:3444 0 None None None 2021-09-07 15:20:59 UTC
Red Hat Product Errata RHSA-2021:3446 0 None None None 2021-09-07 16:46:54 UTC
Red Hat Product Errata RHSA-2021:3447 0 None None None 2021-09-07 18:00:33 UTC
Red Hat Product Errata RHSA-2021:3725 0 None None None 2021-10-05 07:52:59 UTC
Red Hat Product Errata RHSA-2021:3766 0 None None None 2021-10-12 07:44:14 UTC
Red Hat Product Errata RHSA-2021:3768 0 None None None 2021-10-12 09:34:32 UTC
Red Hat Product Errata RHSA-2021:3801 0 None None None 2021-10-12 15:29:14 UTC
Red Hat Product Errata RHSA-2021:3812 0 None None None 2021-10-12 15:05:04 UTC
Red Hat Product Errata RHSA-2021:3814 0 None None None 2021-10-12 15:05:34 UTC
Red Hat Product Errata RHSA-2021:3987 0 None None None 2021-10-26 07:38:12 UTC
Red Hat Product Errata RHSA-2021:4000 0 None None None 2021-10-26 16:21:10 UTC

Description Guilherme de Almeida Suckevicz 2021-07-27 17:38:26 UTC
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via syscalls from the guest.

Reference:
https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf@mpe.ellerman.id.au/T/#u

Upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a

Comment 1 Guilherme de Almeida Suckevicz 2021-07-27 17:42:27 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1986507]

Comment 13 Wade Mealing 2021-08-02 01:47:49 UTC
Ah, i'll fix that now.

Comment 14 errata-xmlrpc 2021-09-07 09:55:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3436 https://access.redhat.com/errata/RHSA-2021:3436

Comment 15 Product Security DevOps Team 2021-09-07 14:33:23 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-37576

Comment 16 errata-xmlrpc 2021-09-07 14:56:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3442 https://access.redhat.com/errata/RHSA-2021:3442

Comment 17 errata-xmlrpc 2021-09-07 15:07:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3443 https://access.redhat.com/errata/RHSA-2021:3443

Comment 18 errata-xmlrpc 2021-09-07 15:20:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3444 https://access.redhat.com/errata/RHSA-2021:3444

Comment 19 errata-xmlrpc 2021-09-07 16:46:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3446 https://access.redhat.com/errata/RHSA-2021:3446

Comment 20 errata-xmlrpc 2021-09-07 18:00:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3447 https://access.redhat.com/errata/RHSA-2021:3447

Comment 21 errata-xmlrpc 2021-10-05 07:52:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support

Via RHSA-2021:3725 https://access.redhat.com/errata/RHSA-2021:3725

Comment 22 errata-xmlrpc 2021-10-12 07:44:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:3766 https://access.redhat.com/errata/RHSA-2021:3766

Comment 23 errata-xmlrpc 2021-10-12 09:34:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3768 https://access.redhat.com/errata/RHSA-2021:3768

Comment 24 errata-xmlrpc 2021-10-12 15:05:01 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:3812 https://access.redhat.com/errata/RHSA-2021:3812

Comment 25 errata-xmlrpc 2021-10-12 15:05:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions

Via RHSA-2021:3814 https://access.redhat.com/errata/RHSA-2021:3814

Comment 26 errata-xmlrpc 2021-10-12 15:29:11 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3801 https://access.redhat.com/errata/RHSA-2021:3801

Comment 27 errata-xmlrpc 2021-10-26 07:38:09 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Advanced Update Support
  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.7 Telco Extended Update Support

Via RHSA-2021:3987 https://access.redhat.com/errata/RHSA-2021:3987

Comment 28 errata-xmlrpc 2021-10-26 16:21:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions

Via RHSA-2021:4000 https://access.redhat.com/errata/RHSA-2021:4000


Note You need to log in before you can comment on or make changes to this bug.